suzanne.soy/fork-openpgpjs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

prioritize signing with subkeys when possible

Browse Source
This commit is contained in:
Sanjana Rajan 2018-05-09 12:23:35 -07:00
parent 4926667cf9
commit 6efcce1069
2 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/key.js
View File

@ -287,11 +287,6 @@ function isValidSigningKeyPacket(keyPacket, signature, date=new Date()) {
Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date(), userId={}) {
const primaryKey = this.primaryKey;
if (await this.verifyPrimaryKey(date, userId) === enums.keyStatus.valid) {
const primaryUser = await this.getPrimaryUser(date, userId);
if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
return primaryKey;
}
for (let i = 0; i < this.subKeys.length; i++) {
if (!keyId || this.subKeys[i].subKey.getKeyId().equals(keyId)) {
// eslint-disable-next-line no-await-in-loop
@ -303,6 +298,11 @@ Key.prototype.getSigningKeyPacket = async function (keyId=null, date=new Date(),
}
}
}
const primaryUser = await this.getPrimaryUser(date, userId);
if (primaryUser && (!keyId || primaryKey.getKeyId().equals(keyId)) &&
isValidSigningKeyPacket(primaryKey, primaryUser.selfCertification, date)) {
return primaryKey;
}
}
return null;
};

12
test/general/signature.js
View File

@ -653,7 +653,7 @@ yYDnCgA=
const plaintext = 'short message\nnext line\n한국어/조선말';
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
await privKey.primaryKey.decrypt('hello world');
await privKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext }).then(function(signed) {
@ -673,7 +673,7 @@ yYDnCgA=
const plaintext = pub_key_arm2;
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
await privKey.primaryKey.decrypt('hello world');
await privKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext }).then(function(signed) {
@ -693,7 +693,7 @@ yYDnCgA=
const plaintext = 'space: \nspace and tab: \t\nno trailing space\n \ntab:\t\ntab and space:\t ';
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
await privKey.primaryKey.decrypt('hello world');
await privKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext }).then(function(signed) {
@ -713,7 +713,7 @@ yYDnCgA=
const plaintext = openpgp.util.str_to_Uint8Array('short message\nnext line\n한국어/조선말');
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
await privKey.primaryKey.decrypt('hello world');
await privKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext }).then(function(signed) {
@ -733,7 +733,7 @@ yYDnCgA=
const plaintext = openpgp.util.str_to_Uint8Array('short message\nnext line\n한국어/조선말');
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
await privKey.primaryKey.decrypt('hello world');
await privKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext, armor:false }).then(function(signed) {
@ -753,7 +753,7 @@ yYDnCgA=
const plaintext = 'short message\nnext line\n한국어/조선말';
const pubKey = openpgp.key.readArmored(pub_key_arm2).keys[0];
const privKey = openpgp.key.readArmored(priv_key_arm2).keys[0];
await privKey.primaryKey.decrypt('hello world');
await privKey.decrypt('hello world');
return openpgp.sign({ privateKeys:[privKey], data:plaintext, detached: true}).then(function(signed) {
const signature = openpgp.signature.readArmored(signed.signature);
return openpgp.verify({ publicKeys:[pubKey], message: openpgp.message.fromBinary(openpgp.util.str_to_Uint8Array(openpgp.util.encode_utf8(plaintext))), signature: signature });